<?php
define('Acan_Afun_power',1);
/*
 * Afun_power 权限系统
 * 2010-07-08
 * http://www.abans.cn		abans@qq.com
 */
if(defined('Acan_power') && Acan_power =='1' && isset($_SESSION['usergroup']) && $_SESSION['usergroup'] > 1){
	if(!Afun_power()){
		echo '不通过';
		exit;
	}
}

function Afun_power(){
	//--默认值
	$power = array('app'=>'1','module'=>'1','contrl'=>'1','post'=>'1','get'=>'1');
	//--入口文件判断
	$power['app'] = Afun_power_in_array(Afun_power_app(),Afun_power_aurl(0));
	//--module判断
	$power['module'] = Afun_power_val('module');
	//--module判断
	$power['contrl'] = Afun_power_val('contrl');
	//--POST数据判断
	$power['post'] = Afun_power_post();
	//--GET数据判断
	$power['get'] = Afun_power_get();
	//print_r($power);
	if($power['app']=='1' && $power['module']=='1' && $power['contrl']=='1' && $power['post']=='1'  && $power['get']=='1' ){
		return true;
	}else{
		return false;
	}
}



function Afun_power_post(){
	return 1;
}
function Afun_power_get(){
	return 1;
}
//--获取入口文件名
function Afun_power_app(){
	$app = explode('.php',$_SERVER['SCRIPT_NAME']);
	$app = explode('/',$app[0]);
	return $app[1];
}

function Afun_power_val($op){
	$aurl= Afun_url();
	$pid['app'] = Afun_power_pid(Afun_power_app(),'0');//app id
	if(!empty($aurl[0])){
		$pid['module'] = Afun_power_pid($aurl[0],$pid['app']);//module id
	}
	if(!empty($aurl[1])){
		$pid['contrl'] = Afun_power_pid($aurl[1],$pid['module']);//contrl id
	}
	if($op == 'module'){
		return Afun_power_in_array($aurl[0],Afun_power_aurl($pid['app']));
	}elseif($op == 'contrl'){
		return Afun_power_in_array($aurl[1],Afun_power_aurl($pid['module']));
	}elseif($op == 'ac'){
		return Afun_power_in_array($aurl[2],Afun_power_aurl($pid['contrl']));
	}
}

//--允许的aurl
function Afun_power_aurl($pid){
	$sql = "SELECT a.aurl FROM ".Acan_table_nav." a WHERE a.pid = '$pid'";
	$model = Afun_db()->query($sql)->fetchAll();
	foreach($model as $key=>$val){
		$str[] = $val['aurl'];
	}
	return $str;
}

//获得PID
function Afun_power_pid($aurl,$pid){
	$sql = "SELECT id FROM ".Acan_table_nav." WHERE aurl = '$aurl' and pid = '$pid'";
	$model = Afun_db()->query($sql)->fetch();
	return $model['id'];
}

//--判断
function Afun_power_in_array($a,$arr){
	if(empty($a))
		return 1;
	if(!is_array($arr))
		return 1;
	if(in_array($a,$arr)){
		return 1;
	}else{
		return 2;
	}
}


?>
